2 Replies Latest reply on Feb 25, 2014 3:25 AM by Philippe Marschall

    RBAC role mapping with custom JAAS login module

    Philippe Marschall Master

      We currently have a custom JAAS LoginModule (subclass of DatabaseServerLoginModule) and try to use RBAC in WF8. We have trouble getting the role mapping to work. Mapping a single user works fine but mapping groups does not seem to work. Adding or removing the realm does not seem to make a difference. We do set the rolesQueryInstance variable in the module and @RolesAllowed works fine with the login module.


      Our configuration looks like this:



        <security-realm name="AcmeRealm">


        <jaas name="acme"/>




        <access-control provider="rbac">


        <role name="SuperUser">


        <group realm="AcmeRealm" name="ADMIN"/>






        <subsystem xmlns="urn:jboss:domain:security:1.2">


        <security-domain name="acme" cache-type="default">


        <login-module code="Remoting" flag="optional">

        <module-option name="password-stacking" value="useFirstPass"/>


        <login-module code="com.acme.AcmeDatabaseServerLoginModule" flag="required" module="com.acme.security">

        <module-option name="unauthenticatedIdentity" value="guest"/>